Rename the top-level lib/ directory to core/ so the project root immediately communicates which code is core platform and which lives in modules/. PHP namespaces (MintyPHP\*) are unchanged — only the Composer PSR-4 path mapping moves from lib/ to core/. Module-internal lib/ directories (modules/*/lib/) are untouched. Updated across the full stack: - composer.json PSR-4 mapping - bootstrap entry points (web/index.php, bin/*, tests/bootstrap.php) - tooling configs (phpstan.neon, phpunit.xml, php-cs-fixer) - 26 architecture contract tests - enforcement-policy, guard-catalog, quality-gates - all documentation (CLAUDE.md, README, 25 docs/, .agents/skills/) - bin/qa-extended.sh search paths - .claude/settings.local.json permission paths Workflow: .agents/runs/CORE-LIB-RENAME-001/ (Analyst → Planner → Executor → Code Review (4 findings fixed) → Security Review → Acceptance Test → Finalizer) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
180 lines
7.4 KiB
PHP
180 lines
7.4 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Service\Auth;
|
|
|
|
use MintyPHP\App\AppContainer;
|
|
use MintyPHP\App\Module\ModuleEventDispatcher;
|
|
use MintyPHP\Http\CookieStoreInterface;
|
|
use MintyPHP\Http\RequestRuntimeInterface;
|
|
use MintyPHP\Http\SessionStoreInterface;
|
|
use MintyPHP\Repository\Support\DatabaseSessionRepository;
|
|
use MintyPHP\Service\Audit\AuditRecorderInterface;
|
|
use MintyPHP\Service\Mail\MailServicesFactory;
|
|
use MintyPHP\Service\User\UserServicesFactory;
|
|
|
|
class AuthServicesFactory
|
|
{
|
|
private ?TenantSsoService $tenantSsoService = null;
|
|
private ?LdapAuthService $ldapAuthService = null;
|
|
private ?MicrosoftOidcStateStoreService $microsoftOidcStateStoreService = null;
|
|
private ?MicrosoftOidcService $microsoftOidcService = null;
|
|
private ?ApiTokenService $apiTokenService = null;
|
|
private ?PasswordResetService $passwordResetService = null;
|
|
private ?EmailVerificationService $emailVerificationService = null;
|
|
private ?RememberMeService $rememberMeService = null;
|
|
private ?AuthService $authService = null;
|
|
private ?SsoUserLinkService $ssoUserLinkService = null;
|
|
private ?AuthSessionTenantContextService $authSessionTenantContextService = null;
|
|
|
|
public function __construct(
|
|
private readonly UserServicesFactory $userServicesFactory,
|
|
private readonly AuditRecorderInterface $auditRecorder,
|
|
private readonly MailServicesFactory $mailServicesFactory,
|
|
private readonly AuthRepositoryFactory $authRepositoryFactory,
|
|
private readonly AuthGatewayFactory $authGatewayFactory,
|
|
private readonly DatabaseSessionRepository $databaseSessionRepository,
|
|
private readonly SessionStoreInterface $sessionStore,
|
|
private readonly CookieStoreInterface $cookieStore,
|
|
private readonly RequestRuntimeInterface $requestRuntime,
|
|
private readonly AppContainer $appContainer
|
|
) {
|
|
}
|
|
|
|
public function createApiTokenService(): ApiTokenService
|
|
{
|
|
return $this->apiTokenService ??= new ApiTokenService(
|
|
$this->userServicesFactory->createUserReadRepository(),
|
|
$this->authRepositoryFactory->createApiTokenRepository(),
|
|
$this->authGatewayFactory->createAuthSettingsGateway(),
|
|
$this->authGatewayFactory->getTenantScopeService(),
|
|
$this->databaseSessionRepository,
|
|
$this->requestRuntime
|
|
);
|
|
}
|
|
|
|
public function createPasswordResetService(): PasswordResetService
|
|
{
|
|
return $this->passwordResetService ??= new PasswordResetService(
|
|
$this->userServicesFactory->createUserReadRepository(),
|
|
$this->authRepositoryFactory->createPasswordResetRepository(),
|
|
$this->userServicesFactory->createUserPasswordService(),
|
|
$this->createRememberMeService(),
|
|
$this->mailServicesFactory->createMailService()
|
|
);
|
|
}
|
|
|
|
public function createEmailVerificationService(): EmailVerificationService
|
|
{
|
|
return $this->emailVerificationService ??= new EmailVerificationService(
|
|
$this->userServicesFactory->createUserReadRepository(),
|
|
$this->userServicesFactory->createUserWriteRepository(),
|
|
$this->authRepositoryFactory->createEmailVerificationRepository(),
|
|
$this->mailServicesFactory->createMailService()
|
|
);
|
|
}
|
|
|
|
public function createRememberMeService(): RememberMeService
|
|
{
|
|
return $this->rememberMeService ??= new RememberMeService(
|
|
$this->userServicesFactory->createUserReadRepository(),
|
|
$this->userServicesFactory->createUserWriteRepository(),
|
|
$this->authRepositoryFactory->createRememberTokenRepository(),
|
|
$this->authGatewayFactory->createPermissionService(),
|
|
$this->createAuthSessionTenantContextService(),
|
|
$this->sessionStore,
|
|
$this->cookieStore,
|
|
$this->requestRuntime,
|
|
$this->authGatewayFactory->createAuthSettingsGateway(),
|
|
new RememberMeRateLimiter()
|
|
);
|
|
}
|
|
|
|
public function createAuthService(): AuthService
|
|
{
|
|
return $this->authService ??= new AuthService(
|
|
$this->userServicesFactory->createUserReadRepository(),
|
|
$this->userServicesFactory->createUserWriteRepository(),
|
|
$this->userServicesFactory->createUserAccountService(),
|
|
$this->userServicesFactory->createUserTenantContextService(),
|
|
$this->createRememberMeService(),
|
|
$this->createEmailVerificationService(),
|
|
$this->authGatewayFactory->createPermissionService(),
|
|
$this->createTenantSsoService(),
|
|
$this->createAuthSessionTenantContextService(),
|
|
$this->auditRecorder,
|
|
$this->sessionStore,
|
|
$this->resolveEventDispatcher()
|
|
);
|
|
}
|
|
|
|
public function createSsoUserLinkService(): SsoUserLinkService
|
|
{
|
|
return $this->ssoUserLinkService ??= new SsoUserLinkService(
|
|
$this->userServicesFactory->createUserReadRepository(),
|
|
$this->userServicesFactory->createUserWriteRepository(),
|
|
$this->userServicesFactory->createUserAssignmentService(),
|
|
$this->userServicesFactory->createUserTenantRepository(),
|
|
$this->authGatewayFactory->createAuthSettingsGateway(),
|
|
$this->createTenantSsoService(),
|
|
$this->userServicesFactory->createUserAvatarService(),
|
|
$this->authGatewayFactory->createAuthExternalIdentityGateway()
|
|
);
|
|
}
|
|
|
|
public function createTenantSsoService(): TenantSsoService
|
|
{
|
|
return $this->tenantSsoService ??= new TenantSsoService(
|
|
$this->authGatewayFactory->createAuthTenantGateway(),
|
|
$this->authRepositoryFactory->createTenantMicrosoftAuthRepository(),
|
|
$this->authRepositoryFactory->createTenantLdapAuthRepository(),
|
|
$this->authGatewayFactory->createAuthSettingsGateway(),
|
|
$this->authGatewayFactory->createAuthCryptoGateway()
|
|
);
|
|
}
|
|
|
|
public function createLdapAuthService(): LdapAuthService
|
|
{
|
|
return $this->ldapAuthService ??= new LdapAuthService(
|
|
new LdapConnectionGateway()
|
|
);
|
|
}
|
|
|
|
public function createMicrosoftOidcStateStore(): MicrosoftOidcStateStoreService
|
|
{
|
|
return $this->microsoftOidcStateStoreService ??= new MicrosoftOidcStateStoreService($this->sessionStore);
|
|
}
|
|
|
|
public function createMicrosoftOidcService(): MicrosoftOidcService
|
|
{
|
|
return $this->microsoftOidcService ??= new MicrosoftOidcService(
|
|
$this->createTenantSsoService(),
|
|
$this->authGatewayFactory->createAuthTenantGateway(),
|
|
$this->createOidcHttpGateway(),
|
|
$this->createMicrosoftOidcStateStore()
|
|
);
|
|
}
|
|
|
|
private function createOidcHttpGateway(): OidcHttpGateway
|
|
{
|
|
return new OidcHttpGateway();
|
|
}
|
|
|
|
private function resolveEventDispatcher(): ?ModuleEventDispatcher
|
|
{
|
|
if ($this->appContainer->has(ModuleEventDispatcher::class)) {
|
|
$dispatcher = $this->appContainer->get(ModuleEventDispatcher::class);
|
|
return $dispatcher instanceof ModuleEventDispatcher ? $dispatcher : null;
|
|
}
|
|
return null;
|
|
}
|
|
|
|
private function createAuthSessionTenantContextService(): AuthSessionTenantContextService
|
|
{
|
|
return $this->authSessionTenantContextService ??= new AuthSessionTenantContextService(
|
|
$this->userServicesFactory->createUserTenantContextService(),
|
|
$this->sessionStore,
|
|
$this->appContainer
|
|
);
|
|
}
|
|
}
|